}
    return result;
  }

  // CRC32C

  @Benchmark
  byte crc32cHashFunction(int reps) {
    return runHashFunction(reps, Hashing.crc32c());
  }

  // Adler32

  @Benchmark
  byte adler32HashFunction(int reps) {
    return runHashFunction(reps, Hashing.adler32());
  }

  @Benchmark
  byte adler32Checksum(int reps) throws Exception {
    byte result = 0x01;
    for (int i = 0; i < reps; i++) {

    }
    return result;
  }

  // CRC32C

  @Benchmark
  byte crc32cHashFunction(int reps) {
    return runHashFunction(reps, Hashing.crc32c());
  }

  // Adler32

  @Benchmark
  byte adler32HashFunction(int reps) {
    return runHashFunction(reps, Hashing.adler32());
  }

  @Benchmark
  byte adler32Checksum(int reps) throws Exception {
    byte result = 0x01;
    for (int i = 0; i < reps; i++) {

   *     of this class typically expect for instances to have a non-null cause. At the moment, you
   *     can <i>usually</i> still preserve behavior by passing an explicit {@code null} cause. Note,
   *     however, that passing an explicit {@code null} cause prevents anyone from calling {@link
   *     #initCause} later, so it is not quite equivalent to using a constructor that omits the
   *     cause.
   */

                                  description: The Maglev load balancer implements
                                    consistent hashing to backend hosts.
                                  properties:
                                    tableSize:
                                      description: The table size for Maglev hashing.
                                      minimum: 0
                                      type: integer

   *     accepts a cause: Users of this class typically expect for instances to have a non-null
   *     cause. At the moment, you can <i>usually</i> still preserve behavior by passing an explicit
   *     {@code null} cause. Note, however, that passing an explicit {@code null} cause prevents
   *     anyone from calling {@link #initCause} later, so it is not quite equivalent to using a
   *     constructor that omits the cause.
   */

# OAuth2 mit Password (und Hashing), Bearer mit JWT-Tokens

Da wir nun über den gesamten Sicherheitsablauf verfügen, machen wir die Anwendung tatsächlich sicher, indem wir <abbr title="JSON Web Tokens">JWT</abbr>-Tokens und sicheres Passwort-Hashing verwenden.

Diesen Code können Sie tatsächlich in Ihrer Anwendung verwenden, die Passwort-Hashes in Ihrer Datenbank speichern, usw.

Wir bauen auf dem vorherigen Kapitel auf.

## Über JWT

## Password hashing

"Hashing" means converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.

Whenever you pass exactly the same content (exactly the same password) you get exactly the same gibberish.

But you cannot convert from the gibberish back to the password.

### Why use password hashing

              }
            });

    assertExpectedBytes(readBytes);
  }

  public void testHash() throws IOException {
    HashCode expectedHash = Hashing.md5().hashBytes(expected);
    assertEquals(expectedHash, source.hash(Hashing.md5()));
  }

  public void testSlice_illegalArguments() {
    assertThrows(
        "expected IllegalArgumentException for call to slice with offset -1: " + source,

Sie sollten niemals Klartext-Passwörter speichern, daher verwenden wir ein (gefaktes) Passwort-Hashing-System.

Wenn die Passwörter nicht übereinstimmen, geben wir denselben Fehler zurück.

#### Passwort-Hashing

„Hashing“ bedeutet: Konvertieren eines Inhalts (in diesem Fall eines Passworts) in eine Folge von Bytes (ein schlichter String), die wie Kauderwelsch aussieht.

Let's put that data in the Pydantic `UserInDB` model first.

You should never save plaintext passwords, so, we'll use the (fake) password hashing system.

If the passwords don't match, we return the same error.

#### Password hashing

"Hashing" means: converting some content (a password in this case) into a sequence of bytes (just a string) that looks like gibberish.